SAP Warns of Critical Security Vulnerabilities in Core Products
SAP has issued a serious warning following the discovery of two critical security vulnerabilities affecting core SAP products. The vulnerabilities, CVE-2025-42957 and CVE-2025-42950, impact SAP S/4HANA and SAP Landscape Transformation respectively, and pose significant risks to enterprise environments.
On August 12, 2025, SAP published 15 new security advisories as part of its regular Security Patch Day. Among these, three critical code injection vulnerabilities were patched, which could enable attackers to execute arbitrary code with elevated privileges. Notably, SAP has readdressed a previously known code injection vulnerability in S/4HANA (CVE-2025-27429) with an update. Additionally, there were 4 updates to previously published security advisories.
The current patch cycle addresses a range of vulnerabilities of varying severity in several SAP products. Notable security updates cover SAP GUI for Windows and the SAP Cloud Connector. Attacks can be carried out with low effort and without user interaction, making the vulnerabilities an attractive target for cybercriminals.
SAP strongly recommends that customers obtain the patches as soon as possible via the Support Portal, prioritizing the three critical code injection security gaps. While no specific companies have been publicly identified as having SAP systems affected by the CVE-2025-42957 and CVE-2025-42950 vulnerabilities, exploitation attempts were reported in early September 2025. SAP released patches for these critical vulnerabilities on August 12, 2025.